Modifying HTTPS response body not working


#1

Hi,
I am able to see the HTTPS traffic through mitmproxy with my own certificates as I pass them on command line.
When I do modify HTTPS body using below command along with my script it stuck the communication in middle.
I use below command line:

./mitmproxy --cert=mycert.com.pem -T --host -s "modify_config.py"
also, Working with .15 version of mitmproxy.

with decode(flow.response): # automatically decode gzipped responses.
resdata = flow.response.body
responsedata = json.loads(resdata)
dict_temp = {“myfield” : “mitmproxy”}
responsedata.update(dict_temp)
flow.response.body = json.dumps(responsedata)

Below is the details of my SSL request/response and which should be active for few on them.
Client conn. established 2017-09-26 12:40:56.450
Server conn. initiated 2017-09-26 12:40:56.540
Server conn. TCP handshake 2017-09-26 12:40:56.573
Server conn. SSL handshake 2017-09-26 12:40:56.654
Client conn. SSL handshake 2017-09-26 12:40:56.725
First request byte 2017-09-26 12:40:56.731
Request complete 2017-09-26 12:40:56.738
First response byte 2017-09-26 12:40:56.875
Response complete 2017-09-26 12:40:56.885

Same code work perfectly fine for HTTP traffic to modify it.
Is there any way if I could modify ssl traffic or it is not possible through script? or Am I missing any command line parameters?

Thanks
Chandra


#2
import json
from mitmproxy import ctx
from mitmproxy.models import decoded

def response(flow):
       	ctx.log.info("This is some informative text.")
       	with decoded(flow.response):
       		resdata = flow.response.text
       		responsedata = json.loads(resdata)
       		dict_temp = {"myfield" : "mitmproxy"}
       		responsedata.update(dict_temp)
       		flow.response.text = json.dumps(responsedata)

Hope you are not missing the def response(flow) function name. I don’t remember the 0.15 behaviour but you described should work – if syntax of the script is correct. Try pressing ‘e’ to see event logs while mitmproxy is open.


#3

Thanks for replying, That’s correct that I have used the same response callback and same code you mentioned here but still same issue persists. I think I should try the latest version of mitmproxy and see if that works.


#4

I am trying to modify HTTP/HTTPS response using newer version 2.0.2 of mitmproxy but I did not found “decoded” callback and even not found any example “examples/modify_response_body.py” with respect to version 2.0.2.

Below code not working, Is there any similar example which can help to modify HTTP and HTTPS traffic?

import json
from mitmproxy import ctx
from mitmproxy.models import decoded

def response(flow):
ctx.log.info(“This is some informative text.”)
with decoded(flow.response):
resdata = flow.response.text
responsedata = json.loads(resdata)
dict_temp = {“myfield” : “mitmproxy”}
responsedata.update(dict_temp)
flow.response.text = json.dumps(responsedata)


#5

In the

response

handler I simply write in

flow.response.text

and in the client I see the modification.


#6

Thanks, That works fine with HTTP traffic.
Does the same approach will work for HTTPS traffic too?


#7

Nothing different in my script between HTTP and HTTPS, it will work.


#8

Thank you for your help.